In the context of information technology, social engineering refers to the act of tricking people into divulging confidential or sensitive business information, and breaking security policies. This form of attack infiltrates companies by targeting their weakest access point, which predominantly is a firm’s employees.
The Art of the Phishing Con
Let’s examine a popular technique for social engineering known as phishing. In a phishing scheme, the hacker broadly disseminates a fraudulent email with aim to acquire sensitive data, such as, login credentials, IT resources or banking information. The message may request the recipient to submit personal information or to click on a link embedded with malware. Although this approach rarely dupes sophisticated users, a distracted employee could make one mistake and compromise a firm’s entire network.
They say a picture is worth a thousand words so here is an infographic of our 2013 Global Hedge Fund Technology Benchmark Study that explores the most common front, middle and back office applications and technology used at today's hedge funds.
It’s that time of year again: time to take a look ahead and make predictions for the top technology trends of 2013. I don’t think any of these trends will come as a surprise to you, but let’s take a closer look.
I know - we had this topic on last year’s list, too. But it’s so important, it deserves another nod. Smartphones and tablets have invaded the enterprise world like never before, and we’re seeing companies work more diligently to manage the use of these devices. Strategies such as Bring Your Own Device (BYOD) give firms the ability to allow employees to use personal devices for work purposes. While this provides employees with flexibility in terms of which devices they can use (and eliminates the need to carry more than one), it also highlights the importance of enhancing security measures to protect sensitive company information from getting into the wrong hands. Speaking of security…
Last week, we revealed the results of our 2012 Hedge Fund Operations & Technology Benchmark Study, which surveyed over 300 buy-side firms about their front, middle and back office technology and vendor preferences. This year’s findings underscore the need for investment firms to employ robust systems to support trading operations and meeting increasing regulatory and investor demands.
Below is a summary, but you can download the full report here.
Within the financial services industry, Eze Castle surveyed 320 firms including hedge funds (61%), investment managers or investment banks (12%), private equity firms (7%), fund of hedge funds (4%), broker/dealers (2%), and venture capital firms (1%). Additional firms included in an ‘Other’ category include family office, legal, real estate, endowment, quant, biotech and insurance brokerage.
Firms surveyed fell into three asset classes: 30 percent reported their AUM as $100 million and under; 32 percent fell between $101 and $500 million; and 38 percent reported over $500 million in assets under management.
On Tuesday, we began our webinar recap by looking at Form PF requirements and recommendations and other essentials for maintaining an effective compliance program. The second half of our webinar focused on technology compliance, specifically around message archiving, email security and mobile device management. Let’s take a closer look at some of the content that was covered. If video is more your style, you can watch a replay of the webinar here.
Record Retention & Message Archiving
The SEC currently requires investment advisers to retain all internal and external electronic business communications. Rule 204-2 mentions the following specific measures:
In order to meet the requirements of the SEC, firms must retain and archive more than just email. Instant messages, Bloomberg and Thomson Reuters messages and other electronic communications are also considered required archival material.
What is an MPLS Network?
MPLS (Multi-Protocol Label Switching) is a mechanism in high-performance telcom networks that directs data from one place on the network to another based on short path labels rather than long network addresses. MPLS is highly scalable and protocol agnostic.
In an MPLS network, packets of data are assigned labels, and all packet-forwarding decisions are made solely on the contents of these labels, eliminating the need to examine the packets themselves. As a result, end-to-end circuits can be created across any type of transport medium, using any protocol.
At Eze Castle, we like to boast that our private cloud services are delivered via an MPLS network which connects our data centers. That sounds good, but what are the real benefits of this type of network infrastructure? We asked our vice president of networking services, Mike Abbey, for some insights. Here’s what we learned.
Categorized under: Communications
It’s alive! It’s alive!
Well actually tomorrow, June 6 2012, it (aka IPv6) will officially be alive, but that doesn’t work with our Hedge IT blog calendar so today we look at IPv6.
As a refresher, since the inception of the Internet, we have been using IPv4, which totals about 4.3 billion Internet addresses. But with the increasing number of wireless technologies that support the Internet (smart phones, tablet, etc.), these addresses are depleting.
Enter IPv6. The new IPv6 protocol uses 128-bit addresses and allows for substantially more IP addresses – trillions upon trillions of new addresses. The World IPv6 Launch Day marks a key milestone as companies shift their infrastructures to the new protocol, which will eventually completely replace IPv4.